• Detections
  • Jun 11, 2021
  • By QOMPLX

QOMPLX Detections: Reference

QOMPLX Detections is a reference document that provides essential information on the methods that our technology uses to identify suspicious and malicious activity within your environment.

The posts included in this document describe common attacks and malicious behaviors and the telltale signs that identify them. They are intended to provide basic information and insights about the attack activity and trends that are driving malicious campaigns and that QOMPLX helps its customers to detect and counter.

  1. Understanding Golden SAML Forgery Attack
  2. Understanding Pass The Hash Attacks
  3. Detecting Password Spraying Attacks
  4. Detecting Account Name Enumeration
  5. Detecting Successful Zone Transfer from an Unknown Source
  6. Detecting PowerShell Executed in the Background
  7. Detecting PowerShell Encoded Command Execution
  8. Detecting Use of Built-In Windows Utilities
  9. Detecting Service Installed on Sensitive Systems
  10. Detecting Suspicious Use of Regsvr32
  11. Detecting ASREP Roasting Attacks
  12. QOMPLX Knowledge: Honey Account Logins and Ticket Requests
  13. QOMPLX Knowledge: Detecting Pass The Hash Attacks
  14. QOMPLX Knowledge: Detecting Skeleton Key Attacks
